Here is the rewritten content without changing its meaning, retaining the original length, and keeping proper headings and titles:

Managing Data Risks in AI Projects

Introduction

Data is a critical factor in the success or failure of AI and Generative AI (GenAI) projects. The AI life cycle and its outcomes are highly susceptible to issues stemming from inadequate data collection, management, quality, and protection. Managing data risks in AI projects is challenging due to the absence of a single point of failure.

Collaborative Effort Required

Data is ubiquitous, with data pipelines being integral components of any organization. As a result, no single role holds full responsibility for data management. Instead, a collaborative effort is required from chief data officers (CDOs), heads of AI, data governors, security staff, and line of business (LOB) managers. This shared accountability introduces significant complexity to AI projects.

Comprehensive Assessment of Data Risks

Below is a comprehensive assessment of specific data risks throughout the AI life cycle, along with recommendations for mitigating them.

1. Addressing the Risk of Missing Important Data Elements

One significant risk in AI projects is the omission of crucial data elements. Often, data collection focuses solely on immediate needs, neglecting the requirements of future downstream applications. This oversight can result in incomplete data sets, leading to the development of suboptimal AI models. To mitigate this risk, it is recommended that organizations implement a robust data and AI governance program. Regularly assessing the types of data and metadata collected is also essential. By doing so, organizations can ensure comprehensive data collection that supports both current and future AI model development.

2. Mitigating the Risk of Misrepresenting Data

Misrepresentation of data poses a significant risk in AI projects, as data captured at the source can be misinterpreted by downstream users, particularly when metadata and contextual information are lacking. For instance, describing temperature simply as “low,” “medium,” or “high” rather than using precise scalar values. This can lead to the development of suboptimal or inferior AI models.

To address this issue, it is crucial to establish clear data measurement standards, including data distribution, data transformations, selections, filters, and protocols. Additionally, employing advanced data and metadata collection tools and techniques ensures that all relevant and diverse data is accurately captured and measured.

3. Ensuring Appropriate Validation and Test Data

If test data fails to accurately reflect the real-world scenarios a model will face, it can lead to misleading assessments of the model’s performance. This discrepancy may result in AI systems that excel in controlled testing environments but falter in practical applications. To mitigate this risk, it is essential to carefully select test data that truly represents the conditions the model will encounter. Employing techniques such as stratification, cross-validation, and continuous monitoring can enhance the reliability of test data.

4. Addressing Insufficient Data Cleanliness

Insufficient data cleanliness is a significant risk in AI projects, as using data that is not properly cleaned or validated can introduce errors and inaccuracies into AI models. The challenge lies in determining the appropriate level of data cleansing, as excessive cleaning can waste valuable time and resources. To tackle this issue, it is recommended to invest in data quality and data observability. This approach ensures that data quality is applied and maintained throughout the entire life cycle of AI initiatives.

5. Risk of Inappropriate Data Exposure

AI models trained on sensitive data without adequate planning can lead to significant compliance, privacy, and intellectual property risks. Such exposure may result in regulatory actions, lawsuits, reputational damage, and business losses. To mitigate these risks, implementing robust data security governance is essential to prioritize data risk mitigations. Leveraging appropriate data security controls, such as data security posture management, data loss prevention, privacy enhanced technology, and encryption, can help manage these risks effectively. Additionally, ensuring compliance with relevant data privacy regulations is crucial to protect against potential exposure and its adverse effects.

6. Risk of Data Poisoning

Data poisoning is a critical threat where malicious agents manipulate training datasets to compromise AI model performance, aligning it with their interests rather than those of the enterprise. This can lead to data corruption, biased outcomes, errors, and even enable malicious activities like breaches and ransomware. To counter this risk, employing technologies such as data security posture management and TRiSM is vital to identify each AI model’s access to sensitive data. Restricting AI model privileges to prevent and detect data manipulation and poisoning attempts is crucial. Regularly reviewing and updating security protocols, along with ensuring vendor accountability for risks and mitigations, further strengthens security against this threat.

7. Risk of Growing Complexity in the Data Stack

The increasing complexity of managing and integrating diverse data sources, technologies, and infrastructure poses a significant challenge for delivering data for AI use cases. As organizations expand their AI initiatives, navigating complex data landscapes to find representative data becomes difficult, complicating the processes of data identification, access, and delivery. To address this challenge, it is recommended to establish a robust metadata management practice, which can streamline the identification of data involved in AI use cases. Additionally, simplifying and standardizing data engineering technologies—such as data catalogs, lakehouses, and data fabrics—can facilitate the integration and management of diverse data sources, thereby enhancing the efficiency and effectiveness of data delivery.

About the Author

The author is Alexander Linden, VP Analyst at Gartner.

Disclaimer

The views expressed are solely of the author and ETCISO does not necessarily subscribe to it. ETCISO shall not be responsible for any damage caused to any person/organization directly or indirectly.

Publication Details

Published On Feb 14, 2025 at 10:55 AM IST
Updated On Feb 14, 2025 at 10:55 AM IST
4 min read